CVE-2021-4480

high

Description

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execute code with NT SYSTEM privileges.

References

https://www.vulncheck.com/advisories/dr-ger-protector-software-local-privilege-escalation-via-insecure-file-permissions

https://static.draeger.com/security/download/2021-267-01-Draeger-Protector-Software-vulnerabilities.pdf

Details

Source: Mitre, NVD

Published: 2026-06-02

Updated: 2026-06-04

Risk Information

CVSS v2

Base Score: 6.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 8.2

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H

Severity: High

CVSS v4

Base Score: 8.3

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H

Severity: High

EPSS

EPSS: 0.00015